Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 5 Jan 2012 11:24:22 +0000 (UTC)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r229586 - head/sys/net
Message-ID:  <201201051124.q05BOMhf032163@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: rwatson
Date: Thu Jan  5 11:24:22 2012
New Revision: 229586
URL: http://svn.freebsd.org/changeset/base/229586

Log:
  Add comment to the VLAN code about its integration with VIMAGE: we see what
  the code is doing, we recognise the legitimacy of its goal, but we're not
  quite sure it's going about it the right way.  More pondering is clearly
  required.
  
  Sponsored by:	ADARA Networks, Inc.
  Discussed with:	bz
  MFC after:	3 days

Modified:
  head/sys/net/if_vlan.c

Modified: head/sys/net/if_vlan.c
==============================================================================
--- head/sys/net/if_vlan.c	Thu Jan  5 11:16:42 2012	(r229585)
+++ head/sys/net/if_vlan.c	Thu Jan  5 11:24:22 2012	(r229586)
@@ -1597,6 +1597,13 @@ vlan_ioctl(struct ifnet *ifp, u_long cmd
 
 	case SIOCSETVLAN:
 #ifdef VIMAGE
+		/*
+		 * XXXRW/XXXBZ: The goal in these checks is to allow a VLAN
+		 * interface to be delegated to a jail without allowing the
+		 * jail to change what underlying interface/VID it is
+		 * associated with.  We are not entirely convinced that this
+		 * is the right way to accomplish that goal policy goal.
+		 */
 		if (ifp->if_vnet != ifp->if_home_vnet) {
 			error = EPERM;
 			break;



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201201051124.q05BOMhf032163>